NEW 2023 Certification Sample Questions AZ-204 Dumps & Practice Exam [Q72-Q96] | DumpsMaterials

NEW 2023 Certification Sample Questions AZ-204 Dumps & Practice Exam [Q72-Q96]

Share

NEW 2023 Certification Sample Questions AZ-204 Dumps & Practice Exam

AZ-204 Deluxe Study Guide with Online Test Engine

NEW QUESTION # 72
You are developing a web application that runs as an Azure Web App. The web application stores data in Azure SQL Database and stores files in an Azure Storage account. The web application makes HTTP requests to external services as part of normal operations.
The web application is instrumented with Application Insights. The external services are OpenTelemetry compliant.
You need to ensure that the customer ID of the signed in user is associated with all operations throughout the overall system.
What should you do?

  • A. Create a new SpanContext with the TraceRags value set to the customer ID for the signed in user.
  • B. Add the customer ID for the signed in user to the CorrelationContext in the web application.
  • C. Set the header Ocp-Apim-Trace to the customer ID for the signed in user.
  • D. On the current SpanContext, set the Traceld to the customer ID for the signed in user.

Answer: B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/azure-monitor/app/correlation


NEW QUESTION # 73
You need to ensure that network security policies are met.
How should you configure network security? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/web-application-firewall/ag/ag-overview
https://www.upguard.com/articles/10-tips-for-securing-your-nginx-deployment


NEW QUESTION # 74
You are developing a .NET Core model-view controller (MVC) application hosted on Azure for a health care system that allows providers access to their information.
You develop the following code:

You define a role named SysAdmin.
You need to ensure that the application meets the following authorization requirements:
* Allow the ProviderAdmin and SysAdmin roles access to the Partner controller regardless of whether the user holds an editor claim of partner.
* Limit access to the Manage action of the controller to users with an editor claim of partner who are also members of the SysAdmin role.
How should you complete the code? To answer, drag the appropriate code segments to the correct locations.
Each code segment may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1:
Allow the ProviderAdmin and SysAdmin roles access to the Partner controller regardless of whether the user holds an editor claim of partner.
Box 2:
Limit access to the Manage action of the controller to users with an editor claim of partner who are also members of the SysAdmin role.


NEW QUESTION # 75
Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
You develop a software as a service (SaaS) offering to manage photographs. Users upload photos to a web service which then stores the photos in Azure Storage Blob storage. The storage account type is General-purpose V2.
When photos are uploaded, they must be processed to produce and save a mobile-friendly version of the image. The process to produce a mobile-friendly version of the image must start in less than one minute.
You need to design the process that starts the photo processing.
Solution: Move photo processing to an Azure Function triggered from the blob upload.
Does the solution meet the goal?

  • A. Yes
  • B. No

Answer: A

Explanation:
Explanation
Azure Storage events allow applications to react to events. Common Blob storage event scenarios include image or video processing, search indexing, or any file-oriented workflow.
Events are pushed using Azure Event Grid to subscribers such as Azure Functions, Azure Logic Apps, or even to your own http listener.
Note: Only storage accounts of kind StorageV2 (general purpose v2) and BlobStorage support event integration. Storage (general purpose v1) does not support integration with Event Grid.
Reference:
https://docs.microsoft.com/en-us/azure/storage/blobs/storage-blob-event-overview


NEW QUESTION # 76
You are developing an Azure Function app.
The app must meet the following requirements:
Enable developers to write the functions by using the Rust language.
Declaratively connect to an Azure Blob Storage account.
You need to implement the app.
Which Azure Function app features should you use? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/azure-functions/create-first-function-vs-code-other
https://docs.microsoft.com/en-us/dotnet/architecture/serverless/azure-functions


NEW QUESTION # 77
You are developing an Azure Cosmos DB solution by using the Azure Cosmos DB SQL API. The data includes millions of documents. Each document may contain hundreds of properties.
The properties of the documents do not contain distinct values for partitioning. Azure Cosmos DB must scale individual containers in the database to meet the performance needs of the application by spreading the workload evenly across all partitions over time.
You need to select a partition key.
Which two partition keys can you use? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. a hash suffix appended to a property value
  • B. a value containing the collection name
  • C. a single property value that appears frequently in the documents
  • D. a concatenation of multiple property values with a random suffix appended
  • E. a single property value that does not appear frequently in the documents

Answer: A,D

Explanation:
You can form a partition key by concatenating multiple property values into a single artificial partitionKey property. These keys are referred to as synthetic keys.
Another possible strategy to distribute the workload more evenly is to append a random number at the end of the partition key value. When you distribute items in this way, you can perform parallel write operations across partitions.
Note: It's the best practice to have a partition key with many distinct values, such as hundreds or thousands. The goal is to distribute your data and workload evenly across the items associated with these partition key values. If such a property doesn't exist in your data, you can construct a synthetic partition key.
https://docs.microsoft.com/en-us/azure/cosmos-db/synthetic-partition-keys


NEW QUESTION # 78
You are developing an application that uses a premium block blob storage account. You are optimizing costs by automating Azure Blob Storage access tiers.
You apply the following policy rules to the storage account. You must determine the implications of applying the rules to the data. (Line numbers are included for reference only.)

Answer:

Explanation:

Explanation


NEW QUESTION # 79
You are building a traffic monitoring system that monitors traffic along six highways. The system produces time series analysis-based reports for each highway. Data from traffic sensors are stored in Azure Event Hub.
Traffic data is consumed by four departments. Each department has an Azure Web App that displays the time-series-based reports and contains a WebJob that processes the incoming data from Event Hub. All Web Apps run on App Service Plans with three instances.
Data throughout must be maximized. Latency must be minimized.
You need to implement the Azure Event Hub.
Which settings should you use? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: 6
The number of partitions is specified at creation and must be between 2 and 32.
There are 6 highways.
Box 2: Highway
References:
https://docs.microsoft.com/en-us/azure/event-hubs/event-hubs-features


NEW QUESTION # 80
You need to configure the integration for Azure Service Bus and Azure Event Grid.
How should you complete the CLI statement? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/cli/azure/eventgrid/event-subscription?view=azure-cli-latest#az_eventgrid_event_subscription_create


NEW QUESTION # 81
You are developing an app that manages users for a video game. You plan to store the region, email address, and phone number for the player. Some players may not have a phone number. The player's region will be used to load-balance data.
Data for the app must be stored in Azure Table Storage.
You need to develop code to retrieve data for an individual player.
How should you complete the code? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Explanation:

Box 1: region
The player's region will be used to load-balance data.
Choosing the PartitionKey.
The core of any table's design is based on its scalability, the queries used to access it, and storage operation requirements. The PartitionKey values you choose will dictate how a table will be partitioned and the type of queries that can be used. Storage operations, in particular inserts, can also affect your choice of PartitionKey values.
Box 2: email
Not phone number some players may not have a phone number.
Box 3: CloudTable
Box 4 : TableOperation query =..
Box 5: TableResult
References:
https://docs.microsoft.com/en-us/rest/api/storageservices/designing-a-scalable-partitioning-strategy-for-azure-tab


NEW QUESTION # 82
A software as a service (SaaS) company provides document management services. The company has a service that consists of several Azure web apps. All Azure web apps run in an Azure App Service Plan named PrimaryASP.
You are developing a new web service by using a web app named ExcelParser. The web app contains a third-party library for processing Microsoft Excel files. The license for the third-party library stipulates that you can only run a single instance of the library.
You need to configure the service.
How should you complete the script? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Table Description automatically generated

Reference:
https://docs.microsoft.com/en-us/azure/app-service/manage-scale-per-app


NEW QUESTION # 83
You are developing an ASP.NET Core web application. You plan to deploy the application to Azure Web App for Containers.
The application needs to store runtime diagnostic data that must be persisted across application restarts. You have the following code:

You need to configure the application settings so that diagnostic data is stored as required.
How should you configure the web app's settings? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/app-service/containers/app-service-linux-faq


NEW QUESTION # 84
You are Implmenting an Azure solution that uses Azure Cosmos DB and the latest Azure Cosmos DB SDK. You add a change feed processor to a new container instance.
You attempt to lead a batch of 100 documents. The process falls when reading one of the documents. The solution must monior the progress of the change feed processor instance on the new container as the change feed is read. You must prevent the change feed processor from retrying the entire batch when one document cannot be read.
You need to implement the change feed processor to read the documents.
Which features should you use? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, More than once, or not at all. You may need to drag The split bat between panes or scroll to view content Each correct selection is worth one point

Answer:

Explanation:


NEW QUESTION # 85
You develop an Azure solution that uses Cosmos DB.
The current Cosmos DB container must be replicated and must use a partition key that is optimized for queries.
You need to implement a change feed processor solution.
Which change feed processor components should you use? To answer, drag the appropriate components to the correct requirements. Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view the content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation
Graphical user interface, application Description automatically generated

Box 1: The monitored container
The monitored container has the data from which the change feed is generated. Any inserts and updates to the monitored container are reflected in the change feed of the container.
Box 2: The lease container
The lease container acts as a state storage and coordinates processing the change feed across multiple workers.
The lease container can be stored in the same account as the monitored container or in a separate account.
Box 3: The host: A host is an application instance that uses the change feed processor to listen for changes.
Multiple instances with the same lease configuration can run in parallel, but each instance should have a different instance name.
Box 4: The delegate
The delegate is the code that defines what you, the developer, want to do with each batch of changes that the change feed processor reads.
Reference:
https://docs.microsoft.com/en-us/azure/cosmos-db/change-feed-processor


NEW QUESTION # 86
You are developing a content management application for technical manuals. The application is deployed as an Azure Static Web app.
Authenticated users can view pages under /manuals but only contributors can access the page /manuals/new html.
You need to configure the routing for the web app.
How should you complete the configuration? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation


NEW QUESTION # 87
You are developing a Java application to be deployed in Azure. The application stores sensitive data in Azure Cosmos DB. You need to configure Always Encrypted to encrypt the sensitive data inside the application.
What should you do first?

  • A. Create a customer-managed key (CMK) and store the key in a new Azure Key Vault instance.
  • B. Create a new container to include an encryption policy with the JSON properties to be encrypted.
  • C. Create an Azure AD managed identity and assign the identity to a new Azure Key Vault instance.
  • D. Create a data encryption key (DEK) by using the Azure Cosmos DB SDK and store the key in Azure Cosmos DB.

Answer: A


NEW QUESTION # 88
An organization plans to deploy Azure storage services.
You need to configure shared access signature (SAS) for granting access to Azure Storage.
Which SAS types should you use? To answer, drag the appropriate SAS types to the correct requirements. Each SAS type may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Reference:
https://docs.microsoft.com/en-us/azure/storage/common/storage-sas-overview


NEW QUESTION # 89
You are Implmenting an Azure solution that uses Azure Cosmos DB and the latest Azure Cosmos DB SDK. You add a change feed processor to a new container instance.
You attempt to lead a batch of 100 documents. The process falls when reading one of the documents. The solution must monior the progress of the change feed processor instance on the new container as the change feed is read. You must prevent the change feed processor from retrying the entire batch when one document cannot be read.
You need to implement the change feed processor to read the documents.
Which features should you use? To answer, drag the appropriate features to the correct requirements. Each feature may be used once, More than once, or not at all. You may need to drag The split bat between panes or scroll to view content Each correct selection is worth one point

Answer:

Explanation:


NEW QUESTION # 90
You are developing an internal website for employees to view sensitive dat a. The website uses Azure Active Directory (AAD) for authentication. You need to implement multifactor authentication for the website.
What should you do? Each correct answer presents part of the solution.
NOTE; Each correct selection is worth one point.

  • A. In Azure AD, create a new conditional access policy.
  • B. Upgrade to Azure AD Premium.
  • C. Configure the website to use Azure AD B2C.
  • D. In Azure AD conditional access, enable the baseline policy.
  • E. In Azure AD, enable application proxy.

Answer: A,B

Explanation:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-getstarted


NEW QUESTION # 91
You are configuring a new development environment for a Java application.
The environment requires a Virtual Machine Scale Set (VMSS), several storage accounts, and networking components.
The VMSS must not be created until the storage accounts have been successfully created and an associated load balancer and virtual network is configured.
How should you complete the Azure Resource Manager template? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation


Box 1: copyIndex
Notice that the name of each resource includes the copyIndex() function, which returns the current iteration in the loop. copyIndex() is zero-based.
Box 2: copy
By adding the copy element to the resources section of your template, you can dynamically set the number of resources to deploy.
Box 3: dependsOn
Example:
"type": "Microsoft.Compute/virtualMachineScaleSets",
"apiVersion": "2020-06-01",
"name": "[variables('namingInfix')]",
"location": "[parameters('location')]",
"sku": {
"name": "[parameters('vmSku')]",
"tier": "Standard",
"capacity": "[parameters('instanceCount')]"
},
"dependsOn": [
"[resourceId('Microsoft.Network/loadBalancers', variables('loadBalancerName'))]",
"[resourceId('Microsoft.Network/virtualNetworks', variables('virtualNetworkName'))]"
],
Reference:
https://docs.microsoft.com/en-us/azure/azure-resource-manager/templates/copy-resources
https://docs.microsoft.com/en-us/azure/virtual-machine-scale-sets/quick-create-template-windows


NEW QUESTION # 92
You are preparing to deploy a Python website to an Azure Web App using a container. The solution will use multiple containers in the same container group. The Dockerfile that builds the container is as follows:

You build a container by using the following command. The Azure Container Registry instance named images is a private registry.

The user name and password for the registry is admin.
The Web App must always run the same version of the website regardless of future builds.
You need to create an Azure Web App to run the website.
How should you complete the commands? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: --SKU B1 --hyper-v
--hyper-v
Host web app on Windows container.
Box 2: --deployment-source-url images.azurecr.io/website:v1.0.0
--deployment-source-url -u
Git repository URL to link with manual integration.
The Web App must always run the same version of the website regardless of future builds.
Incorrect:
--deployment-container-image-name -i
Linux only. Container image name from Docker Hub, e.g. publisher/image-name:tag.
Box 3: az webapp config container set -url https://images.azurecr.io -u admin -p admin az webapp config container set Set a web app container's settings.
Paremeter: --docker-registry-server-url -r
The container registry server url.
The Azure Container Registry instance named images is a private registry.
Example:
az webapp config container set --docker-registry-server-url https://{azure-container-registry-name}.azurecr.io Reference:
https://docs.microsoft.com/en-us/cli/azure/appservice/plan


NEW QUESTION # 93
You need to implement the Log policy.
How should you complete the Azure Event Grid subscription? To answer, drag the appropriate JSON segments to the correct locations. Each JSON segment may be used once, more than once, or not at all. You may need to drag the split bar between panes to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1:WebHook
Scenario: If an anomaly is detected, an Azure Function that emails administrators is called by using an HTTP WebHook.
endpointType: The type of endpoint for the subscription (webhook/HTTP, Event Hub, or queue).
Box 2: SubjectBeginsWith
Box 3: Microsoft.Storage.BlobCreated
Scenario: Log Policy
All Azure App Service Web Apps must write logs to Azure Blob storage. All log files should be saved to a container named logdrop. Logs must remain in the container for 15 days.
Example subscription schema
{
"properties": {
"destination": {
"endpointType": "webhook",
"properties": {
"endpointUrl":
"https://example.azurewebsites.net/api/HttpTriggerCSharp1?code=VXbGWce53l48Mt8wuotr0GPmyJ/nDT4hgd
}
},
"filter": {
"includedEventTypes": [ "Microsoft.Storage.BlobCreated", "Microsoft.Storage.BlobDeleted" ],
"subjectBeginsWith": "blobServices/default/containers/mycontainer/log",
"subjectEndsWith": ".jpg",
"isSubjectCaseSensitive ": "true"
}
}
}
Reference:
https://docs.microsoft.com/en-us/azure/event-grid/subscription-creation-schema


NEW QUESTION # 94
You are developing a microservices solution. You plan to deploy the solution to a multinode Azure Kubernetes Service (AKS) cluster.
You need to deploy a solution that includes the following features:
* reverse proxy capabilities
* configurable traffic routing
* TLS termination with a custom certificate
Which components should you use? To answer, drag the appropriate components to the correct requirements.
Each component may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: Helm
To create the ingress controller, use Helm to install nginx-ingress.
Box 2: kubectl
To find the cluster IP address of a Kubernetes pod, use the kubectl get pod command on your local machine, with the option -o wide .
Box 3: Ingress Controller
An ingress controller is a piece of software that provides reverse proxy, configurable traffic routing, and TLS termination for Kubernetes services. Kubernetes ingress resources are used to configure the ingress rules and routes for individual Kubernetes services.
Reference:
https://docs.microsoft.com/bs-cyrl-ba/azure/aks/ingress-basic
https://www.digitalocean.com/community/tutorials/how-to-inspect-kubernetes-networking


NEW QUESTION # 95
You are developing an application to securely transfer data between on-premises file systems and Azure Blob storage. The application stores keys, secrets, and certificates in Azure Key Vault. The application uses the Azure Key Vault APIs.
The application must allow recovery of an accidental deletion of the key vault or key vault objects. Key vault objects must be retained for 90 days after deletion.
You need to protect the key vault and key vault objects.
Which Azure Key Vault feature should you use? To answer, drag the appropriate features to the correct actions. Each feature may be used once, more than once, or not at all. You may need to drag the split bar between panes or scroll to view content.
NOTE: Each correct selection is worth one point.

Answer:

Explanation:

Explanation

Box 1: Soft delete
When soft-delete is enabled, resources marked as deleted resources are retained for a specified period (90 days by default). The service further provides a mechanism for recovering the deleted object, essentially undoing the deletion.
Box 2: Purge protection
Purge protection is an optional Key Vault behavior and is not enabled by default. Purge protection can only be enabled once soft-delete is enabled.
When purge protection is on, a vault or an object in the deleted state cannot be purged until the retention period has passed. Soft-deleted vaults and objects can still be recovered, ensuring that the retention policy will be followed.
Reference:
https://docs.microsoft.com/en-us/azure/key-vault/general/soft-delete-overview


NEW QUESTION # 96
......

AZ-204 dumps review - Professional Quiz Study Materials: https://braindumps2go.dumpsmaterials.com/AZ-204-real-torrent.html